ganjaplan.7fi.ru/login.php
91.194.2.84200 OK 4.8 kB URL HTTP/1.1 ganjaplan.7fi.ru/login.php
IP 91.194.2.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (713), with CRLF, LF line terminators
Hash 9ede3a4976a93966f554edc840130386
928af6e31096ec2ddbadd8e936dd7c225c3eff94
e137819a458d5e520c796fdf3ff5d0043ef75b12d28377951497e1e475e000ab
Analyzer Verdict Alert fortinet Phishing
GET /login.php HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:37 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19610
Expires: Thu, 15 Dec 2022 12:22:16 GMT
Date: Thu, 15 Dec 2022 06:55:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4721
Expires: Thu, 15 Dec 2022 08:14:07 GMT
Date: Thu, 15 Dec 2022 06:55:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8927
Expires: Thu, 15 Dec 2022 09:24:13 GMT
Date: Thu, 15 Dec 2022 06:55:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 06:08:57 GMT
content-type: application/json
age: 2789
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WPdZ1KNlKDwn+eKN28HcJy/XdG+1WYfUqrsPGTEmXffSxBkwA7/oQxqCwvYU4zPfGDrijPIfn8SzhZ8hvYjJWA==
x-amz-request-id: 7BVZEW42KCE8BW22
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 06:50:49 GMT
age: 277
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 06:55:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
yandex.st/share/share.js
178.154.131.215200 OK 14 kB IP 178.154.131.215:0
File type Unicode text, UTF-8 text, with very long lines (32058)
Hash 0846935dee0d2ebbb7af7cbce113d5b8
f07346e034d5ad76aa90b38e195500574aafbb4e
2b682e5417a0a08596a80bc834ffeb32948d54373b4020d54fac626e559c1270
GET /share/share.js HTTP/1.1
Host: yandex.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 15 Dec 2022 06:55:26 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Content-Encoding: gzip
Etag: W/"db7132f94e4730c128b638f72b46c899"
Expires: Sat, 17 Dec 2022 18:54:04 GMT
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 275e930ee76b9a8f
ganjaplan.7fi.ru/style/Quicktime/Quicktime.css
91.194.2.84200 OK 4.7 kB URL HTTP/1.1 ganjaplan.7fi.ru/style/Quicktime/Quicktime.css
IP 91.194.2.84:0
File type ASCII text, with CR, LF line terminators
Hash 75d236ac2714b7162dd73b6c4643cf88
4767ffaf017749041d57af8d3fb80465a1fe248a
5901a88742bc1c1a69b8155c105118615f592529932c7653b48b7b7fa4ea1176
GET /style/Quicktime/Quicktime.css HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:37 GMT
Content-Type: text/css
Last-Modified: Sun, 23 Mar 2008 19:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"47e6af7c-5445"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ganjaplan.7fi.ru/style/extra.css?v=14
91.194.2.84200 OK 5.3 kB URL HTTP/1.1 ganjaplan.7fi.ru/style/extra.css?v=14
IP 91.194.2.84:0
File type Unicode text, UTF-8 text, with very long lines (374)
Hash 0786b30c8750ff9f4d70b537371a3f9b
57e0e0afe8c9743f8fde7940fd8106e6c44e482c
d447881e8abec1e2b5032a3889b407b4ca4ccedaa9adee6302903bda8ecb6d9e
GET /style/extra.css?v=14 HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:37 GMT
Content-Type: text/css
Last-Modified: Tue, 06 Apr 2021 06:46:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"606c03cd-5359"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ganjaplan.7fi.ru/style/mobile.css?2
91.194.2.84200 OK 2.7 kB URL HTTP/1.1 ganjaplan.7fi.ru/style/mobile.css?2
IP 91.194.2.84:0
Hash 50bbfaed06b9ced48f1f9596a9778011
4900dc5bd03b4979970960a2b8d3f78e21513874
293d1cd9b43ee93b7d7db96893ed0cba0d357791fb163c09920144bd9415fed7
Analyzer Verdict Alert fortinet Phishing
GET /style/mobile.css?2 HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:37 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Nov 2021 18:38:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61803432-3040"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ganjaplan.7fi.ru/js/extra.js?v=1
91.194.2.84200 OK 1.7 kB URL HTTP/1.1 ganjaplan.7fi.ru/js/extra.js?v=1
IP 91.194.2.84:0
Hash 19496073833e71e4a9944399d2fad541
feb283cb79b79ef146a950f52e7f36fd41f005c8
fc634b35ef9a808f98b03d748c8c91d33b0f90a2c3f67c58a062e3d65e8cadf8
Analyzer Verdict Alert fortinet Phishing
GET /js/extra.js?v=1 HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:37 GMT
Content-Type: application/javascript
Last-Modified: Tue, 06 Apr 2021 06:46:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"606c03cd-1115"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ganjaplan.7fi.ru/js/libs.min.js?v=2
91.194.2.84200 OK 51 kB URL HTTP/1.1 ganjaplan.7fi.ru/js/libs.min.js?v=2
IP 91.194.2.84:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769)
Hash 651e10669f7f7c1832074fb3e3c9cbe3
a28847ef2a18d9aa63197314b9e41fa7439c2871
6d5466413ed92731bed64127979cd6f35d6b8a4ed38b46cf0d82c475e62b35e8
Analyzer Verdict Alert fortinet Phishing
GET /js/libs.min.js?v=2 HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:37 GMT
Content-Type: application/javascript
Last-Modified: Mon, 17 May 2021 05:58:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60a205fa-24703"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
91.194.2.84200 OK 1.3 kB URL HTTP/1.1 ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
IP 91.194.2.84:0
Hash 0344bcb09574e16ac0390dda246aee3e
b6f7a98b22fd936fccb594df1363fee654460287
57e672d7289f7142fb8e2fe0c212a132fae3a1a57aeaf348bf799ea6d4a14d08
GET /style/Quicktime/Quicktime_cs.css HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime.css
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:37 GMT
Content-Type: text/css
Last-Modified: Tue, 23 Oct 2012 14:54:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5086afa7-1620"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ganjaplan.7fi.ru/img/Quicktime/bg.gif
91.194.2.84200 OK 2.5 kB URL HTTP/1.1 ganjaplan.7fi.ru/img/Quicktime/bg.gif
IP 91.194.2.84:0
File type GIF image data, version 89a, 10 x 396\012- data
Hash 7f876304d98e721cd423bcb5e29f6e16
9a25bb03827370eab74929a54fa968572ed3225a
614c8bb5379d6fe3688956e4239f56f36bb3a475c3dd374b61f706f2fdece7a4
GET /img/Quicktime/bg.gif HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/gif
Content-Length: 2505
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-9c9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ganjaplan.7fi.ru/img/Quicktime/header.gif
91.194.2.84200 OK 887 B URL HTTP/1.1 ganjaplan.7fi.ru/img/Quicktime/header.gif
IP 91.194.2.84:0
File type GIF image data, version 89a, 10 x 30\012- data
Hash 60230e68b051b086e119569b01f2fce7
44852369c83dea148d7c70a3fad17366be998c87
d12f56e6f38108fb3d51fa1c9a3bfdd5c0331214d751e6e1a95375ad1a568e1c
GET /img/Quicktime/header.gif HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/gif
Content-Length: 887
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-377"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ganjaplan.7fi.ru/vc?408847;0;0.7316531743413246
91.194.2.84200 OK 43 B URL HTTP/1.1 ganjaplan.7fi.ru/vc?408847;0;0.7316531743413246
IP 91.194.2.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Analyzer Verdict Alert fortinet Phishing
GET /vc?408847;0;0.7316531743413246 HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Expires: Wed, 14 Dec 2022 06:55:26 GMT
Cache-Control: no-cache
ganjaplan.7fi.ru/img/Quicktime/menu.gif
91.194.2.84200 OK 107 B URL HTTP/1.1 ganjaplan.7fi.ru/img/Quicktime/menu.gif
IP 91.194.2.84:0
File type GIF image data, version 89a, 1 x 32\012- data
Hash bbdaa5cf5b07d240d100b38f01e9638f
f2121250a0807803b852f3640307043288c22d0e
aedfba8b8818e19c87611d4c789fd56296ae48b4622289c8e4f7eacee2eb2baf
GET /img/Quicktime/menu.gif HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/gif
Content-Length: 107
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-6b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
bs.webtalk.ru/c?pk=bf9ac09ca5b7dd7250c380f456cc23b7d87ff356&r=639ac4e96043d7.08017450
91.194.2.84200 OK 35 B URL HTTP/1.1 bs.webtalk.ru/c?pk=bf9ac09ca5b7dd7250c380f456cc23b7d87ff356&r=639ac4e96043d7.08017450
IP 91.194.2.84:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 729c3007a8ed0597531b0c76d54a94bb
90fe9b8a8142548fdfab29f59cb0a164a0eaef81
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /c?pk=bf9ac09ca5b7dd7250c380f456cc23b7d87ff356&r=639ac4e96043d7.08017450 HTTP/1.1
Host: bs.webtalk.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="PSA OUR UNI COM"
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Pragma: no-cache
Cache-Control: must-revalidate
Set-Cookie: uid=W8ICVGOaxOo5uGyvBSD5AgA=; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
151.101.1.229200 OK 67 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP 151.101.1.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 126fdba4163dd2e73333915be3da12e0
41dacdc637ebabe3cb3aea71fa989418c8e8bf90
7c68d8da32105bdb6bebce79e220492f3147198a93d7cb4b535570132287681e
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.253.0
x-jsd-version-type: version
etag: W/"28b83-JJaJnBP42lnJf5ryvhVfnZ59Tvo"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 15 Dec 2022 06:55:26 GMT
age: 1807
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1637-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67174
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash a52688b02cd2c6192725ba61a0c2b38f
3eff066d49e91cf7489301bac765bf77f045fb52
c2537f22bff353cbc88109f4ebda3839ab5211d6d53248fdf329947dc4662829
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:26 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "5DEC883288EB7EEB76654D37464EDF63D2F7C448"
Expires: Thu, 15 Dec 2022 17:00:00 GMT
Last-Modified: Thu, 15 Dec 2022 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2324
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d460f7dc9b524-OSL
www.profitabledisplayformat.com/a212f0f2a1119967fdede12f7070a1d6/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/a212f0f2a1119967fdede12f7070a1d6/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash bc81c1b39d5e5adc243b6065eba056f2
05bbee2f28e77a15e58bcd73625fb920604be581
ca59a7d0b177efdddc74b16ee7b9c4737804b0acb0f5822c904d6e24e3dc2a90
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /a212f0f2a1119967fdede12f7070a1d6/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 15 Dec 2022 06:55:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96678c3b0a6e74ab17222715e13ef3fc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ganjaplan.7fi.ru/img/Quicktime/arrow.gif
91.194.2.84200 OK 918 B URL HTTP/1.1 ganjaplan.7fi.ru/img/Quicktime/arrow.gif
IP 91.194.2.84:0
File type GIF image data, version 89a, 10 x 10\012- data
Hash 5cd24532edd6c00a9c80ac7a57b62d83
1afa97e0e6893e85052af614eddb772789c2a04b
4db68bae0de18a9d3029957354ddc3be4e12ce43bb92e8e2d78b5ed6a32c3e66
GET /img/Quicktime/arrow.gif HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=; _ym_uid=1671087324299671850; _ym_d=1671087324
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/gif
Content-Length: 918
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-396"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ganjaplan.7fi.ru/img/Quicktime/h2.gif
91.194.2.84200 OK 189 B URL HTTP/1.1 ganjaplan.7fi.ru/img/Quicktime/h2.gif
IP 91.194.2.84:0
File type GIF image data, version 89a, 5 x 24\012- data
Hash d3abd12058db5295bf645ae5c9ac735b
3fd353584dbcd774cc42f44a10bf22f6cbfaeff8
8ab842a2289c06fc9e98c34510dfba617932ab30e40a45630f9ba8824398e273
GET /img/Quicktime/h2.gif HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=; _ym_uid=1671087324299671850; _ym_d=1671087324
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/gif
Content-Length: 189
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 06:33:21 GMT
age: 1325
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ganjaplan.7fi.ru/i/social.1.png
91.194.2.84200 OK 4.1 kB URL HTTP/1.1 ganjaplan.7fi.ru/i/social.1.png
IP 91.194.2.84:0
File type PNG image data, 588 x 16, 8-bit colormap, non-interlaced\012- data
Hash b53cf2aa68a567b3376d84c16960f486
fdc4d2c2913073ce611c68e4e0d5ae56b87ec3a1
693e8cfadcb3433b03a5f30d94ee7c2ba5a3cb73840f4a9eae225851309eaf6a
GET /i/social.1.png HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/extra.css?v=14
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=; _ym_uid=1671087324299671850; _ym_d=1671087324
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:38 GMT
Content-Type: image/png
Content-Length: 4054
Last-Modified: Sun, 08 May 2016 08:05:17 GMT
Connection: keep-alive
ETag: "572ef33d-fd6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.profitabledisplayformat.com/2d6522511db8fd70e578c3648aaf232b/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/2d6522511db8fd70e578c3648aaf232b/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash e9429576591a478fc5b513abeeb83ac7
a5f6429b02e73dfc5297361b07474bc4959cbfea
3c701e076567e78952e26981fa629170ec9d55076323ef168f1aa7ce4bd4aa6f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /2d6522511db8fd70e578c3648aaf232b/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 15 Dec 2022 06:55:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 29e2c12ae1561db2177e474b24eada42
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 66467d12d1bfafbdf4f376dfc68f493f
75b3cbf9fe63e03252ec6ae83776a7eb35b01488
95550d28ced14ddd12941718c3b79078019b2d5255203a30df7c8aadc15819c5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Mon, 19 Dec 2022 05:46:26 GMT
ETag: "75b3cbf9fe63e03252ec6ae83776a7eb35b01488"
Last-Modified: Thu, 15 Dec 2022 05:46:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 425
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d4611bfdfb524-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4e4417a564b9bbf2be3fb9c1414eb855
15c6dc5ddd4081d33f952c932abe4fc3888cff6f
76c883367d4e528d9c6083aa01dd78c224f95dd90e3f06082962993e5739ad00
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112504
Date: Thu, 15 Dec 2022 06:55:27 GMT
Etag: "6399d017-1d7"
Expires: Fri, 16 Dec 2022 14:10:31 GMT
Last-Modified: Wed, 14 Dec 2022 13:31:03 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CTXAGFGfYQEFS0iMoGHEQssyeyWl7iQe1ihIt5kDFPB8LisMk6xbgg==
Age: 2368
simplewebanalysis.com/stats
18.195.193.92200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.193.92:0
File type ASCII text, with no line terminators
Hash 44d11f70631be03dd3bce35dfa534935
18dcd3c3101082b932c224311ec94b185b0f3a63
40619e5bab63ecb8ceeb1e3896af487a2edfe02f8caf7d533e4a9631da992ae9
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 06:55:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
set-cookie: uid_id2=7aaace71-4597-40aa-83b6-3d9db2e1a299:2:1; expires=Sun, 12 Dec 2032 06:55:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
mc.yandex.ru/watch/59396/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Ajaghkvs77dh9tvchj66zn%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1371753214434%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065524%3Aet%3A1671087324%3Ac%3A1%3Arn%3A613216779%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1671087323153%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087324%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/59396/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Ajaghkvs77dh9tvchj66zn%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1371753214434%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065524%3Aet%3A1671087324%3Ac%3A1%3Arn%3A613216779%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1671087323153%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087324%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash bcff9b32ebf97e71f83a16d7a8ef6497
1a5dc8a044309dc811f06ec889e12bca9ff3026f
5946a3ee83be6f86e43b06797fd3913ae9148b3af9a4e1690bb3922eed0ab8f8
GET /watch/59396/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Ajaghkvs77dh9tvchj66zn%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1371753214434%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065524%3Aet%3A1671087324%3Ac%3A1%3Arn%3A613216779%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1671087323153%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087324%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Thu, 15 Dec 2022 06:55:27 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:27 GMT
last-modified: Thu, 15-Dec-2022 06:55:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.195.193.92200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.193.92:0
File type ASCII text, with no line terminators
Hash a4a6697a95ccafc4eddb3aace019f9dc
a3c6dca2da467a7ce92332be8ec86a99a7a27c78
2a795f4a8ae21aff48cc1027952c487208b52b7d602df4491fbdd1bd6f599f71
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 06:55:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
set-cookie: uid_id2=53f27eee-2a74-4c57-8328-53f690b82b42:1:1; expires=Sun, 12 Dec 2032 06:55:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4968
Cache-Control: max-age=99257
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 06:55:27 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 10:29:44 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
w.uptolike.com/widgets/v1/uptolike.js
95.163.114.204200 OK 8.3 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/uptolike.js
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (565)
Hash 6075742d564fbc306a88508d7e0e5d3d
769855acd94bae595564826b23fa3f738c806799
cda0005e8be6a96fed733b0ea7cfa06fbcb3123c3692ed3d3ce7e8ee83587c63
GET /widgets/v1/uptolike.js HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=29972870259; Expires=Sat, 14 Dec 2024 06:55:27 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CKOPxKTRMBAAIKPgjq3RMCij4I6t0TAwAI4bzKManx0243xJQNWlwTo="; Expires=Sat, 14 Dec 2024 06:55:27 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=1800
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Expires: Thu, 15 Dec 2022 07:25:27 GMT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1bb5b6506385783ddf54f8f29956d04d
747a0e5e6e2ee72d376cad21d2a92766ecac920b
abaeb37aa8003eaf11ce9422c0025a2df2bf7cc6606d0b4307273cfe17072800
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABAEB37AA8003EAF11CE9422C0025A2DF2BF7CC6606D0B4307273CFE17072800"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2765
Expires: Thu, 15 Dec 2022 07:41:32 GMT
Date: Thu, 15 Dec 2022 06:55:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c3b33520e348e4ac1b7476ddde77a1eb
d45a6c82ec035b52c076c9b2e7cf2271e1bd55ed
ee7837ae92fc886281dadae6afd19493db0d6780da589056e4d94a4cc422e96f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE7837AE92FC886281DADAE6AFD19493DB0D6780DA589056E4D94A4CC422E96F"
Last-Modified: Tue, 13 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2800
Expires: Thu, 15 Dec 2022 07:42:07 GMT
Date: Thu, 15 Dec 2022 06:55:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d282f9461a1532ed54c5c7f85f30b210
a4893ee48624565f29eda0fd41e1b3420042dd07
39e82a1b58dacf31e063134f06031478c15523a12332a6522903bb6c70ae34f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39E82A1B58DACF31E063134F06031478C15523A12332A6522903BB6C70AE34F7"
Last-Modified: Tue, 13 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4911
Expires: Thu, 15 Dec 2022 08:17:18 GMT
Date: Thu, 15 Dec 2022 06:55:27 GMT
Connection: keep-alive
w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1671087324583148
95.163.114.204200 OK 84 B URL HTTP/1.1 w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1671087324583148
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with no line terminators
Hash 361b15a4cdd9aeebf403eb9e3f96631d
a1aca4db114c679e070a0c49b3023f63c98b81f6
d3658893869d37b31b7538df6b7b23031ba45c49be97be00372fb7266b83fc9d
GET /widgets/v1/version.js?cb=cb__utl_cb_share_1671087324583148 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Nov 2022 19:31:36 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=29972870341; Expires=Sat, 14 Dec 2024 06:55:27 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="; Expires=Sat, 14 Dec 2024 06:55:27 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cMJ8WbL2GlaaknGWufQ8wg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A9n9Y0lyCobWrWcV8TtOjwWrJEA=
wearisomeraynope.com/watch.1526346517564.js?key=a212f0f2a1119967fdede12f7070a1d6&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=7aaace71-4597-40aa-83b6-3d9db2e1a299%3A2%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 wearisomeraynope.com/watch.1526346517564.js?key=a212f0f2a1119967fdede12f7070a1d6&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=7aaace71-4597-40aa-83b6-3d9db2e1a299%3A2%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1526346517564.js?key=a212f0f2a1119967fdede12f7070a1d6&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=7aaace71-4597-40aa-83b6-3d9db2e1a299%3A2%3A1 HTTP/1.1
Host: wearisomeraynope.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ganjaplan.7fi.ru
Access-Control-Allow-Origin: http://ganjaplan.7fi.ru
Access-Control-Allow-Credentials: true
Location: https://wearisomeraynope.com/watch.1526346517564.js?key=a212f0f2a1119967fdede12f7070a1d6&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=7aaace71-4597-40aa-83b6-3d9db2e1a299%3A2%3A1&shu=10b3bbcd1c0082ddd02e377c0a0daafae32718e3cbe9d64f40890e679544665405eb3f519861ab77d7c43e719ef687277a88d7850085b8d49f97a60744ebe4408f522f5f44e4f5438cc65f0e640f68cca184519ac162914e9aec6181437d47&pst=1671087387&rmtc=t
Set-Cookie: u_pl=17981598; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk4MTU5OCwiayI6ImEyMTJmMGYyYTExMTk5NjdmZGVkZTEyZjcwNzBhMWQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDgxMTQxLCJwaWQiOjYxNjYxMywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiY2MwczI3d3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2dhbmphcGxhbi43ZmkucnUvbG9naW4ucGhwIn19.VPgxiP3NW8pMGXu3xGWYHTBUIG9zlOj_sBd2HAOW40E; expires=Thu, 15 Dec 2022 06:56:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0da6d3364895d921d72fe9a3fc442844
Strict-Transport-Security: max-age=0; includeSubdomains
seduceobscure.com/watch.354690721250.js?key=2d6522511db8fd70e578c3648aaf232b&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 seduceobscure.com/watch.354690721250.js?key=2d6522511db8fd70e578c3648aaf232b&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.354690721250.js?key=2d6522511db8fd70e578c3648aaf232b&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1 HTTP/1.1
Host: seduceobscure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ganjaplan.7fi.ru
Access-Control-Allow-Origin: http://ganjaplan.7fi.ru
Access-Control-Allow-Credentials: true
Location: https://seduceobscure.com/watch.354690721250.js?key=2d6522511db8fd70e578c3648aaf232b&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1&shu=e74708c61ba2cfa6e0229db8729f90662e8d314692c1562f3bc1cfc61104aedaa8dc5fe13c815cd31ab4144f1005458a78fd24c4980fd91268124a601874aeaec1d3d5ec0003b020831af14c804fc2a6555e4979b3e13863d7889368b7&pst=1671087387&rmtc=t
Set-Cookie: u_pl=17981818; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk4MTgxOCwiayI6IjJkNjUyMjUxMWRiOGZkNzBlNTc4YzM2NDhhYWYyMzJiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDgxMTQxLCJwaWQiOjYxNjYxMywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJlMWZ1NjNnc2UwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9nYW5qYXBsYW4uN2ZpLnJ1L2xvZ2luLnBocCJ9fQ.yhgYbGQdL_mytnbmowp_B6e3sMD0YWia0y341fLEU-4; expires=Thu, 15 Dec 2022 06:56:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e6d454a0d5bb658795d6f4619fdbc75
Strict-Transport-Security: max-age=0; includeSubdomains
w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
95.163.114.204200 OK 42 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (783)
Hash 36e31a5362200127257f343ad21c9f3e
f5b05b2a24ca19d756b4cecf0ec80b304a0c7d2a
2ff107bc4ae47641d278b80ed6fa1a75f0a6f84bcd8f9aa16be825e32aace97a
GET /widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29972870341; utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 15 Dec 2022 07:25:27 GMT
Content-Encoding: gzip
w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
95.163.114.204200 OK 4.4 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (585)
Hash 51f01f98377569bbbc324944b01bdbdf
916b5de4cc082a3ff9414c3a88542fc32c2ec89a
f5d5637c94689e5b58c9b3b0d9a18acc3a5ed5550f33ec9c86a3d3f25e16e7bb
GET /widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29972870341; utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 15 Dec 2022 07:25:27 GMT
Content-Encoding: gzip
wearisomeraynope.com/watch.1526346517564.js?key=a212f0f2a1119967fdede12f7070a1d6&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=7aaace71-4597-40aa-83b6-3d9db2e1a299%3A2%3A1&shu=10b3bbcd1c0082ddd02e377c0a0daafae32718e3cbe9d64f40890e679544665405eb3f519861ab77d7c43e719ef687277a88d7850085b8d49f97a60744ebe4408f522f5f44e4f5438cc65f0e640f68cca184519ac162914e9aec6181437d47&pst=1671087387&rmtc=t
192.243.59.13200 OK 2.4 kB URL HTTP/1.1 wearisomeraynope.com/watch.1526346517564.js?key=a212f0f2a1119967fdede12f7070a1d6&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=7aaace71-4597-40aa-83b6-3d9db2e1a299%3A2%3A1&shu=10b3bbcd1c0082ddd02e377c0a0daafae32718e3cbe9d64f40890e679544665405eb3f519861ab77d7c43e719ef687277a88d7850085b8d49f97a60744ebe4408f522f5f44e4f5438cc65f0e640f68cca184519ac162914e9aec6181437d47&pst=1671087387&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (3109)
Hash f7295ebdb239905e59de476fa40524ec
286e1ad72c361ebdb14651de4aa8479d79078da3
102ce3ea90a49db5b6598aa3f284207b9fb04ff5b81b0f6fbe426f06ec93fdad
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1526346517564.js?key=a212f0f2a1119967fdede12f7070a1d6&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=7aaace71-4597-40aa-83b6-3d9db2e1a299%3A2%3A1&shu=10b3bbcd1c0082ddd02e377c0a0daafae32718e3cbe9d64f40890e679544665405eb3f519861ab77d7c43e719ef687277a88d7850085b8d49f97a60744ebe4408f522f5f44e4f5438cc65f0e640f68cca184519ac162914e9aec6181437d47&pst=1671087387&rmtc=t HTTP/1.1
Host: wearisomeraynope.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Cookie: u_pl=17981598; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk4MTU5OCwiayI6ImEyMTJmMGYyYTExMTk5NjdmZGVkZTEyZjcwNzBhMWQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDgxMTQxLCJwaWQiOjYxNjYxMywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiY2MwczI3d3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2dhbmphcGxhbi43ZmkucnUvbG9naW4ucGhwIn19.VPgxiP3NW8pMGXu3xGWYHTBUIG9zlOj_sBd2HAOW40E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ganjaplan.7fi.ru
Access-Control-Allow-Origin: http://ganjaplan.7fi.ru
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7aaace71-4597-40aa-83b6-3d9db2e1a299:2:1; expires=Thu, 22 Dec 2022 06:55:27 GMT; secure; SameSite=None
iprc583c6f9aadb7a328944a93925d71138b=2060095; expires=Thu, 29 Dec 2022 06:55:27 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
uncs=1; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ede197cc575b7db94adb49b683fa296
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
seduceobscure.com/watch.354690721250.js?key=2d6522511db8fd70e578c3648aaf232b&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1&shu=e74708c61ba2cfa6e0229db8729f90662e8d314692c1562f3bc1cfc61104aedaa8dc5fe13c815cd31ab4144f1005458a78fd24c4980fd91268124a601874aeaec1d3d5ec0003b020831af14c804fc2a6555e4979b3e13863d7889368b7&pst=1671087387&rmtc=t
192.243.59.12200 OK 2.4 kB URL HTTP/1.1 seduceobscure.com/watch.354690721250.js?key=2d6522511db8fd70e578c3648aaf232b&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1&shu=e74708c61ba2cfa6e0229db8729f90662e8d314692c1562f3bc1cfc61104aedaa8dc5fe13c815cd31ab4144f1005458a78fd24c4980fd91268124a601874aeaec1d3d5ec0003b020831af14c804fc2a6555e4979b3e13863d7889368b7&pst=1671087387&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (3080)
Hash 73534ed51d9934a0a463d1b0c33e4a9d
2d5e311c3b08f872e5ad9b4fabb1ec2e0a06e025
babb0df38cb5854a7637b4ce5b2f760acd6075d4b696d948afe2648696931d66
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.354690721250.js?key=2d6522511db8fd70e578c3648aaf232b&kw=%5B%22%D0%B2%D0%BE%D0%B9%D1%82%D0%B8%22%5D&refer=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1&shu=e74708c61ba2cfa6e0229db8729f90662e8d314692c1562f3bc1cfc61104aedaa8dc5fe13c815cd31ab4144f1005458a78fd24c4980fd91268124a601874aeaec1d3d5ec0003b020831af14c804fc2a6555e4979b3e13863d7889368b7&pst=1671087387&rmtc=t HTTP/1.1
Host: seduceobscure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Cookie: u_pl=17981818; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk4MTgxOCwiayI6IjJkNjUyMjUxMWRiOGZkNzBlNTc4YzM2NDhhYWYyMzJiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDgxMTQxLCJwaWQiOjYxNjYxMywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJlMWZ1NjNnc2UwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9nYW5qYXBsYW4uN2ZpLnJ1L2xvZ2luLnBocCJ9fQ.yhgYbGQdL_mytnbmowp_B6e3sMD0YWia0y341fLEU-4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ganjaplan.7fi.ru
Access-Control-Allow-Origin: http://ganjaplan.7fi.ru
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=53f27eee-2a74-4c57-8328-53f690b82b42:1:1; expires=Thu, 22 Dec 2022 06:55:27 GMT; secure; SameSite=None
iprc786fabb0d8f0f2bb9a6ab914e7c36aef=2060093; expires=Thu, 29 Dec 2022 06:55:27 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
uncs=1; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 16 Dec 2022 06:55:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb46ed71e026878b1d577a486e3bd50e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
counter.yadro.ru/hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.5156506727157303
88.212.201.198302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.5156506727157303
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.5156506727157303 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
HTTP/1.1 302 Moved Temporarily
Date: Thu, 15 Dec 2022 06:55:27 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.5156506727157303
Content-Length: 32
Expires: Tue, 14 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTQ5NTMxMiUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZnYW5qYXBsYW4uN2ZpLnJ1JTJGbG9naW4ucGhwJTIyJTdEJTVE&mode=0&callback=callback__utl_cb_share_1671087325247109
95.163.114.204200 OK 370 B URL HTTP/1.1 w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTQ5NTMxMiUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZnYW5qYXBsYW4uN2ZpLnJ1JTJGbG9naW4ucGhwJTIyJTdEJTVE&mode=0&callback=callback__utl_cb_share_1671087325247109
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (374)
Hash 682c5ad136ad39d403b1b9f22aa9dbe1
095a19ef255ccf7ddbdbc217cbf07d343cb19b32
abf8a81767fbec709875eaf189fb9c9b96580c15ef3a3bddc670200f261aced4
GET /widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTQ5NTMxMiUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZnYW5qYXBsYW4uN2ZpLnJ1JTJGbG9naW4ucGhwJTIyJTdEJTVE&mode=0&callback=callback__utl_cb_share_1671087325247109 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=29972870341; utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Nov 2022 19:31:36 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip
w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
95.163.114.204200 OK 624 B URL HTTP/1.1 w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (511)
Hash db0f291b1ee364d9de4ad30906fac72a
46ae53e00d5964e1fbd0d75c0483f4718db48e8e
9b2a1dadf125f7367489db7e4bd8c22b34ec3126220422467b0de51f0274f64d
GET /widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29972870341; utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:27 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 15 Dec 2022 07:25:27 GMT
Content-Encoding: gzip
ganjaplan.7fi.ru/favicon.ico
91.194.2.84200 OK 318 B URL HTTP/1.1 ganjaplan.7fi.ru/favicon.ico
IP 91.194.2.84:0
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 840e141d31c8e6ac1dd25b3ef7e14996
173f3fff8e64cd778cf9ed03cfac4c041bb1f4ea
2bf8aacfcde39096ca3437a9600810125b7694b56436e33e4417bbc7fa831686
GET /favicon.ico HTTP/1.1
Host: ganjaplan.7fi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOaxOkjzWyoFbrqAgA=; _ym_uid=1671087324299671850; _ym_d=1671087324; dom3ic8zudi28v8lr6fgphwffqoz0j6c=53f27eee-2a74-4c57-8328-53f690b82b42%3A1%3A1; _ym_visorc=w
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:39 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Thu, 03 May 2012 17:37:31 GMT
Connection: keep-alive
ETag: "4fa2c25b-13e"
Expires: Sat, 14 Jan 2023 06:55:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash b604b44a44140d3e443d1c1c9da02d8d
05407447253dbbd694e67456c6b25b5112bd359d
0dcc105aceee70b68e812bdb6033ab465720efe541259c35f19aa09fadc88bf8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73737
date: Thu, 15 Dec 2022 06:55:27 GMT
access-control-allow-origin: *
etag: "63933377-12009"
expires: Thu, 15 Dec 2022 07:55:27 GMT
last-modified: Fri, 09 Dec 2022 16:09:11 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 15 Dec 2022 06:55:27 GMT
access-control-allow-origin: *
etag: "63933377-2b"
expires: Thu, 15 Dec 2022 07:55:27 GMT
accept-ranges: bytes
last-modified: Fri, 09 Dec 2022 16:09:11 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
95.163.114.204200 OK 9.1 kB URL HTTP/1.1 w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type Web Open Font Format, TrueType, length 9144, version 0.0\012- data
Hash 2596eafba8821cbd54fb4c4294eea5f2
53046bf3bccd35a24e515fcfbd34b31ec27c841e
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
GET /static/buttons/fonts/icomoon.woff?qq11232333=1232131231321 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:28 GMT
Content-Type: font/woff
Content-Length: 9144
Connection: keep-alive
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
ETag: "599456f5-23b8"
Expires: Tue, 16 May 2023 07:57:03 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
mc.yandex.ru/metrika/watch.js
87.250.250.119302 Moved temporarily 0 B URL HTTP/1.1 mc.yandex.ru/metrika/watch.js
IP 87.250.250.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js
w.uptolike.com/widgets/v1/imp?pid=1495312&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&vp=a6881dde-62d8-4dc0-8d9c-3a9e89c2f6d0&ttl=JUQwJTkyJUQwJUJFJUQwJUI5JUQxJTgyJUQwJUI4&rnd=0.43465450594419575
95.163.114.204204 No Content 0 B URL HTTP/1.1 w.uptolike.com/widgets/v1/imp?pid=1495312&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&vp=a6881dde-62d8-4dc0-8d9c-3a9e89c2f6d0&ttl=JUQwJTkyJUQwJUJFJUQwJUI5JUQxJTgyJUQwJUI4&rnd=0.43465450594419575
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/v1/imp?pid=1495312&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&vp=a6881dde-62d8-4dc0-8d9c-3a9e89c2f6d0&ttl=JUQwJTkyJUQwJUJFJUQwJUI5JUQxJTgyJUQwJUI4&rnd=0.43465450594419575 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=29972870341; utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 15 Dec 2022 06:55:28 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 6a05959be828725eb86fe3e4527505f3
738fa94cbf6ddbdf2a3cec7bd0e93e0a7d2e62da
fd6ffc9fa358b7075e62fb147ae6ae46e9d108e98e1ecb0d436db695bd5a3bab
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 19 Dec 2022 04:12:10 GMT
ETag: "738fa94cbf6ddbdf2a3cec7bd0e93e0a7d2e62da"
Last-Modified: Thu, 15 Dec 2022 04:12:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1743
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d4619c99db500-OSL
w.uptolike.com/widgets/v1/extra.js?rnd=0.8967414153973177
95.163.114.204200 OK 1.9 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/extra.js?rnd=0.8967414153973177
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (695)
Hash 72d7a736132c48fe8522fdc8942e7405
901498c42b44b12c64c92f095a2822c5827f9454
9c29f92e8c323368230f0d2b16aa8d03544eb2eca99b8414d05151dec7263092
GET /widgets/v1/extra.js?rnd=0.8967414153973177 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29972870341; utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:28 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Nov 2022 19:31:36 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=29972870341; Expires=Sat, 14 Dec 2024 06:55:28 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="; Expires=Sat, 14 Dec 2024 06:55:28 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
counter.yadro.ru/hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.5156506727157303
88.212.201.198200 OK 107 B URL HTTP/1.1 counter.yadro.ru/hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.5156506727157303
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 45001d23220d6faeca3d6fcd4ce2d940
2b396f437fdc0e2b667456b2eba31be98fa33725
d00082c4b7d17873f28ae7a0c6f45d10f083b75712db038254af19dc89b7dde8
GET /hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.5156506727157303 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 15 Dec 2022 06:55:28 GMT
Content-Type: image/gif
Content-Length: 107
Connection: keep-alive
Expires: Tue, 14 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e1c94c69c554c149da73f35501a199a
7e437f71998fead6933856f1f645f89a11c7dd4b
e8e2ecfc9ede9884acbbdca7627aa9354de64c1428c553afb321c83335b58aba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E2ECFC9EDE9884ACBBDCA7627AA9354DE64C1428C553AFB321C83335B58ABA"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9821
Expires: Thu, 15 Dec 2022 09:39:09 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
mc.yandex.ru/metrika/watch.js
87.250.250.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 96d4ff6dd2a358e09bf250b879c9438b
da347cfc2a1e08d6af72d62ec0bd4e92150b24ff
ccf4e3ae690a495bd7a1f4bf6c1ce8d71f50771f8f03932fd6af1f941f67da54
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 58117
date: Thu, 15 Dec 2022 06:55:28 GMT
access-control-allow-origin: *
etag: "63933377-e305"
expires: Thu, 15 Dec 2022 07:55:28 GMT
last-modified: Fri, 09 Dec 2022 16:09:11 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/201230/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A37217080903%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A424612936%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29
87.250.250.119200 OK 416 B URL HTTP/2 mc.yandex.ru/watch/201230/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A37217080903%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A424612936%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (416), with no line terminators
Hash 0be8c256240e0e937d54ed1c1f1260da
083d7d3d7cc1729e85b6a07d25f7f95e1b0fa195
1dcbcb742628b9d50deb0c25e45ef115201a2dde475f2c2ffd2487a1865d95cb
GET /watch/201230/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A37217080903%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A424612936%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 416
date: Thu, 15 Dec 2022 06:55:28 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:28 GMT
last-modified: Thu, 15-Dec-2022 06:55:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 534 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max speed, from Unix\012- data
Hash adfa04a066839332c27a9ab669e948ba
5e0fd97653ca463dc8136f0e425f55ab6decf1ab
3a3c68ff5e0b10315a8a460ebc13334611cd99ebc2fa86fcf1b2aed5fef19f93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A174D747923332C230E0FEDE614053544BAB825E52134666F8EA8E5048183EC"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3886
Expires: Thu, 15 Dec 2022 08:00:14 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 343c07a9f30de5d0dee86f14503e505f
44f9c47c5a055e3b287a54eadf553796cd4a5e27
7957b53cc59532ae3a201dbbe0c2d33087ffa5e59bf76110cbba9426803e9dd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7957B53CC59532AE3A201DBBE0C2D33087FFA5E59BF76110CBBA9426803E9DD5"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3023
Expires: Thu, 15 Dec 2022 07:45:51 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fbebe2f85f264e6c9b42ca7522f1f321
d4da16098e3519db228507e169cfde2b0247c607
9031adf5254253dd14b4b67055f2f6b9c663e0bfad27b8a1f47226900bc2c85d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9031ADF5254253DD14B4B67055F2F6B9C663E0BFAD27B8A1F47226900BC2C85D"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8791
Expires: Thu, 15 Dec 2022 09:21:59 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
supraneet.ru/minus/
62.109.6.15200 OK 0 B IP 62.109.6.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /minus/ HTTP/1.1
Host: supraneet.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Thu, 15 Dec 2022 06:55:28 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Thursday, 15-Dec-2022 06:55:28 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
mc.yandex.ru/watch/201230?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A37217080903%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A424612936%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)ti(2)
87.250.250.119302 Found 913 B URL HTTP/2 mc.yandex.ru/watch/201230?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A37217080903%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A424612936%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)ti(2)
IP 87.250.250.119:0
Hash 9531806d16d72f9659eaab01bd09689b
7640f092c2b928c614bb46251477a3c80b3e820b
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
GET /watch/201230?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A37217080903%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A424612936%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/201230/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A37217080903%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A424612936%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29
date: Thu, 15 Dec 2022 06:55:28 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
set-cookie: yabs-sid=1028234101671087328; Path=/; SameSite=None; Secure
i=BfihbByxmunc17n0w231gip2fb8B5ioAAS5qL4/jJe1uWXWJ5fa1GTxRNtiGtcAITYglKaDdEo4HaBgHIHSMx8jqyjk=; Expires=Sun, 12-Dec-2032 06:55:28 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1753036741671087328; Expires=Fri, 15-Dec-2023 06:55:28 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1753036741671087328; Expires=Fri, 15-Dec-2023 06:55:28 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702623328.yc.1671087328#1702623328.yrts.1671087328#1702623328.yrtsi.1671087328; Expires=Fri, 15-Dec-2023 06:55:28 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:28 GMT
last-modified: Thu, 15-Dec-2022 06:55:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cntrsync.ru/alt.js
92.63.102.100200 OK 0 B IP 92.63.102.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /alt.js HTTP/1.1
Host: cntrsync.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Thu, 15 Dec 2022 06:55:28 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Thursday, 15-Dec-2022 06:55:28 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5cef93045b168ad88e52b45115f0c2f7
563190340cc47fbfb1e9b66bd68fee8cd8e7b0a2
febeea8a65910f6fd71ca592b27256cf016fcbd8b49a63d05ee7b1fc7b9ea2e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEBEEA8A65910F6FD71CA592B27256CF016FCBD8B49A63D05EE7B1FC7B9EA2E0"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8682
Expires: Thu, 15 Dec 2022 09:20:10 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsjl31tvi5xjf8ir%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A362566869128%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A1034130202%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29
87.250.250.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsjl31tvi5xjf8ir%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A362566869128%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A1034130202%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 6d86083ac5304485ca2340447d294e8c
c6f3d76ac20063c9924f94c1c0e0fc3f6a9e00fb
7ad08ed1949fff568ec1d65f1c4eb954e65308911c4e4c96806b883c4d22766f
GET /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsjl31tvi5xjf8ir%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A362566869128%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A1034130202%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Thu, 15 Dec 2022 06:55:28 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:28 GMT
last-modified: Thu, 15-Dec-2022 06:55:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/99/8c/bf/998cbfe02099f7b3e1be6ec647e0528f/1596466136.jpg
45.133.44.9200 OK 21 kB URL HTTP/2 cdn.cloudimagesb.com/bi/99/8c/bf/998cbfe02099f7b3e1be6ec647e0528f/1596466136.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 728x90, components 3\012- data
Hash dc47de4e75a80a4ef1e7f6a5a79aa4d7
245458733d72d1a9008f56346e525b1628cca2f6
40b6737afe8c5ab875fb216aff15c619918057058fe199fb8359773c7ab92801
GET /bi/99/8c/bf/998cbfe02099f7b3e1be6ec647e0528f/1596466136.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 06:55:28 GMT
content-type: image/jpeg
content-length: 20790
server: nginx/1.17.6
last-modified: Mon, 03 Aug 2020 14:48:59 GMT
etag: "5f2823db-5136"
expires: Sat, 17 Dec 2022 06:55:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/a4/f6/99/a4f69921940c762ce3548d3eb36e0953/1596640955.jpg
45.133.44.9200 OK 87 kB URL HTTP/2 cdn.cloudimagesb.com/bi/a4/f6/99/a4f69921940c762ce3548d3eb36e0953/1596640955.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash 2062a7b8153d5c6b61e3c878fb0db0c7
9ce704e722b8cdba404fddcf390f9ef19a13a784
a066cf3ede5d2042d13485f33a1cf7108f27b0d619066837b08ddca34129d232
GET /bi/a4/f6/99/a4f69921940c762ce3548d3eb36e0953/1596640955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 06:55:28 GMT
content-type: image/jpeg
content-length: 87252
server: nginx/1.17.6
last-modified: Wed, 05 Aug 2020 15:22:38 GMT
etag: "5f2acebe-154d4"
expires: Sat, 17 Dec 2022 06:55:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4193
Expires: Thu, 15 Dec 2022 08:05:21 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4193
Expires: Thu, 15 Dec 2022 08:05:21 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4193
Expires: Thu, 15 Dec 2022 08:05:21 GMT
Date: Thu, 15 Dec 2022 06:55:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7aqhogNxvIgQ_WqzVaVjsoulT568Lgsn_I-nLNpCi_rhcUs7AiCkkQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 17:01:37 GMT
age: 50031
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 950417131e4e9f1238fc585984f327b5
da28ff9df8e2e423cce7ae247a3e8c8469507c4b
0504b92466cf49c1072ba9d9776d921c76fbe3a1542bc202e9751d9c40566597
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5834
x-amzn-requestid: 63e69ca6-85d6-43e2-9d42-ddff1617fd7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ9R8EAZoAMFtUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a4272-40e8a981097612402ae21532;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:38:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BUQNBTltYqTVBkbt9QQtXS3vQjvM26E6SuvPdIFqVuq1eusUVL5K3g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:32:22 GMT
age: 30186
etag: "da28ff9df8e2e423cce7ae247a3e8c8469507c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d38060edf5f77bdaa18a4dd3b092c12
50b89e4fbdb88026899ce49cb45b0d6286f303a7
8ff9d03bca03022c717004f96a178d4982d16b575cb70a1a237ca76f90f4f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5789
x-amzn-requestid: bb0455df-4252-4b04-a24c-eb101e3e40db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKWBdFAUIAMFaig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a6a09-1e3f6b0d0a59da3807acffee;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 00:27:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QQrpPJpyUuwf5USygp_vUiZ-S2Jt7VUN8yClS2Pt_IUgVwMn-xeDhQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 00:38:36 GMT
etag: "50b89e4fbdb88026899ce49cb45b0d6286f303a7"
content-type: image/jpeg
age: 22612
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fd0eea87bdde875285073a695d3005
03ec879b4eaef86b85f7528abecf1f383b9367d3
f0fbee34d53cc5ff66722caab6917f0833c778ed26b1b31a87424c06af7d480c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: f516be09-a7cf-486c-8bbd-75593c381048
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8xJEPVIAMFdLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a0-00fdce7b73e084af4ce63583;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WKlvxEojtZkTdZmuSTupikiYxxr-BFmS7JvzOqPvla0JgxOBVe2a2A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:40:06 GMT
age: 33322
etag: "03ec879b4eaef86b85f7528abecf1f383b9367d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01abf6b9-c226-4fb9-a04c-780bd7d2c72b.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01abf6b9-c226-4fb9-a04c-780bd7d2c72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cb5e379cd1deb179af4327a86d050a0
b2fa0167851b144bac3d3bd15d3757fa0af3bfd4
2bb59761578f1cf22838c159b92f09a4b498f9edfc71f011c7e46ec237d48cf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01abf6b9-c226-4fb9-a04c-780bd7d2c72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4458
x-amzn-requestid: 3deddf47-7d8e-44fa-a99e-f91115c41a34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83JiEjmoAMFgQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950570-511c31485398647522ec02f7;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:17:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sQvYfsIlJjW-_wYeU8W39ithdlePThC78UZ7wjR0k3Bjb_qJ_Hz3dQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 02:10:01 GMT
age: 17127
etag: "b2fa0167851b144bac3d3bd15d3757fa0af3bfd4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86aaca525eba678cdae6480594a8249a
87171c4499e8d82e8ec325e9133c180c0773c1dc
03fb5c8f20a85f301f9bf3096aefb36bbadfdd54d4bdd5227d45fced4ad004d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: f4e0138f-d94b-477d-942b-03c475c92c55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3VwGFX3oAMFoXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392d000-5fa027616c6c5617367f2b3f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 06:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qGQccPI0OykOc__llgZFDZhT7CYWNMSn1SYTcex-1qmT4ZamwUtTHA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 00:28:13 GMT
age: 23235
etag: "87171c4499e8d82e8ec325e9133c180c0773c1dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
w.uptolike.com/widgets/v1/zp/support.html
95.163.114.204200 OK 3.8 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp/support.html
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a4af8c67ad0a2a6f681a742faca4463e
50794dee2e25cb8ec2187256750e00dc3231faa7
10ace92ddcb397879ff3569155caf7c3e28c3b4ee8c35eaddb48af927520ecf5
GET /widgets/v1/zp/support.html HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29972870341; utl_dat="COeRxKTRMBAAIOfijq3RMCjn4o6t0TAwAOabNsYdSoyUWqvR138iP6g="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 15 Dec 2022 07:25:29 GMT
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 71a91eed161833b0d940374055c62078
476378f3c5ea5efb947ef19803cf58618617a793
46810295aa0145012970b91f56f2e4be3ed42c9535a8c0dc029fd3bf31e23728
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 19 Dec 2022 04:01:43 GMT
ETag: "476378f3c5ea5efb947ef19803cf58618617a793"
Last-Modified: Thu, 15 Dec 2022 04:01:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 611
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d461f5b80b515-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 71a91eed161833b0d940374055c62078
476378f3c5ea5efb947ef19803cf58618617a793
46810295aa0145012970b91f56f2e4be3ed42c9535a8c0dc029fd3bf31e23728
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 19 Dec 2022 04:01:43 GMT
ETag: "476378f3c5ea5efb947ef19803cf58618617a793"
Last-Modified: Thu, 15 Dec 2022 04:01:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 611
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d461f5b2fb524-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash bb4616fbdb124682bc776c52d21064f8
0546d90c3baa1a71fb1bfa1a76d27ecdb5fa5fdb
efd148d34447b7cadcf98ad34f7c72960398ca667b3564857051b64ff5953fe9
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 19 Dec 2022 02:57:55 GMT
ETag: "0546d90c3baa1a71fb1bfa1a76d27ecdb5fa5fdb"
Last-Modified: Thu, 15 Dec 2022 02:57:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1643
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d46203f27b500-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash bb4616fbdb124682bc776c52d21064f8
0546d90c3baa1a71fb1bfa1a76d27ecdb5fa5fdb
efd148d34447b7cadcf98ad34f7c72960398ca667b3564857051b64ff5953fe9
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 19 Dec 2022 02:57:55 GMT
ETag: "0546d90c3baa1a71fb1bfa1a76d27ecdb5fa5fdb"
Last-Modified: Thu, 15 Dec 2022 02:57:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1643
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d46204fe51c0a-OSL
api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_16710873264004
2.18.172.195200 OK 92 B URL HTTP/2 api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_16710873264004
IP 2.18.172.195:0
File type ASCII text, with no line terminators
Hash 1b035789e6e8e353de3faa7912389174
13c629a29d0cc248f5a730719c2693b9e60f8194
11560d6c45b0465ba03ed3bed3599903d7c3788f6e092f88b2e9662b42c2c9ec
GET /v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_16710873264004 HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
content-length: 92
expires: Thu, 15 Dec 2022 07:10:29 GMT
x-envoy-upstream-service-time: 1
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 1642880088778454
date: Thu, 15 Dec 2022 06:55:29 GMT
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1671087329.41a94161
x-cdn: akamai
X-Firefox-Spdy: h2
api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dps&callback=callback__utl_cb_share_1671087326400250
2.18.172.195200 OK 104 B URL HTTP/2 api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dps&callback=callback__utl_cb_share_1671087326400250
IP 2.18.172.195:0
File type ASCII text, with no line terminators
Hash d798858e14e07257007c32188697fe45
1201cb51ddc9df9a4f8bd0b50c1598e8a145e22c
ac26b761c05be5c6b9c709d9d11e734d124a9cd5316c79ea643999d9bef9b670
GET /v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dps&callback=callback__utl_cb_share_1671087326400250 HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
content-length: 104
expires: Thu, 15 Dec 2022 07:10:29 GMT
x-envoy-upstream-service-time: 1
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 1777024374240702
date: Thu, 15 Dec 2022 06:55:29 GMT
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1671087329.41a94162
x-cdn: akamai
X-Firefox-Spdy: h2
vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1671087326400293
87.240.129.133200 OK 41 B URL HTTP/2 vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1671087326400293
IP 87.240.129.133:0
File type ASCII text, with no line terminators
Hash 6de86497641c67868bfddcbf5a8bf434
6065bb53c9addbda818a6b172597326ebc31e8dc
51d446e1b704e289975e53c6945dee986d432bb439d02a2afcee7ce1b5bddcf8
GET /share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1671087326400293 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Thu, 15 Dec 2022 06:55:29 GMT
content-type: text/html; charset=windows-1251
content-length: 41
x-powered-by: KPHP/7.4.112855
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Mon, 11 Dec 2023 13:02:53 GMT; path=/; domain=.vk.com
remixstlid=9066537373466918492_sXvNZhFeZn1W7tRmidFcfGJUqLhjSXoihiSVsyZ3Qwo; expires=Fri, 15 Dec 2023 06:55:29 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326399288
87.240.129.133200 OK 41 B URL HTTP/2 vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326399288
IP 87.240.129.133:0
File type ASCII text, with no line terminators
Hash 6de86497641c67868bfddcbf5a8bf434
6065bb53c9addbda818a6b172597326ebc31e8dc
51d446e1b704e289975e53c6945dee986d432bb439d02a2afcee7ce1b5bddcf8
GET /share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326399288 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Thu, 15 Dec 2022 06:55:29 GMT
content-type: text/html; charset=windows-1251
content-length: 41
x-powered-by: KPHP/7.4.112855
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Sun, 17 Dec 2023 17:55:24 GMT; path=/; domain=.vk.com
remixstlid=9108899357461872960_daEXTaAGS0CggyXNlFOZTliSiio1fwAWv764eJbA7jD; expires=Fri, 15 Dec 2023 06:55:29 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash ca3a208efb19a8003e7c7c68f194bb65
9dc4dfa154f01605f4cb8b7531b75f773dcfac3d
48dd16f8211ef752c0e6d5888a3d2017933b3934d8d7fe5f76a193c2e52f05a4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 19 Dec 2022 05:17:33 GMT
ETag: "9dc4dfa154f01605f4cb8b7531b75f773dcfac3d"
Last-Modified: Thu, 15 Dec 2022 05:17:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 958
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779d46209c26b524-OSL
connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dok&callback=callback__utl_cb_share_1671087326399518
217.20.147.3200 OK 1.5 kB URL HTTP/2 connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dok&callback=callback__utl_cb_share_1671087326399518
IP 217.20.147.3:0
File type ASCII text, with no line terminators
Hash 22d1009223ba5dedf9f0bacf2618a132
33dfbf5bd44d22cc370c6aea54bd69a6cd75e07e
66b3b6088fa5cf7ed1520a696d38e254ff8213c9188d6b7c9cb5e1df0b682f53
GET /dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dok&callback=callback__utl_cb_share_1671087326399518 HTTP/1.1
Host: connect.ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Thu, 15 Dec 2022 06:55:29 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=6667381306286039816; Domain=.ok.ru; Expires=Tue, 02-Jan-2091 10:09:36 GMT; Path=/; Secure; HttpOnly
_statid=e248cc73-dabe-4ef1-9690-eda200d4af5f; Domain=.ok.ru; Expires=Tue, 02-Jan-2091 10:09:36 GMT; Path=/; Secure; HttpOnly
landref=w.uptolike.com; Domain=.ok.ru; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
content-encoding: br
X-Firefox-Spdy: h2
connect.mail.ru/share_count?func=mrc__shareInit708&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326401839
94.100.180.55200 OK 91 B URL HTTP/1.1 connect.mail.ru/share_count?func=mrc__shareInit708&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326401839
IP 94.100.180.55:0
Hash b1bbb3c82831f019bce19dc830167e44
fc66f0db200f47faacb97454eed93fad6949444a
8ba489ebea47d0c107b3602c67a9152c44599c01bc5a793f6074d69b6fb22a2d
GET /share_count?func=mrc__shareInit708&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326401839 HTTP/1.1
Host: connect.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Length: 91
Connection: keep-alive
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
connect.mail.ru/share_count?func=mrc__shareInit937&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1671087326401751
94.100.180.55200 OK 101 B URL HTTP/1.1 connect.mail.ru/share_count?func=mrc__shareInit937&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1671087326401751
IP 94.100.180.55:0
Hash 6564ea856b5b530ce04fc8003bd1d80b
8022f1ae61158e7c0343f4d607a9dedfeef38e5d
a962544c70c62326f77e1e868b260ad92aa9f0065bf6da434307dbf39671f498
GET /share_count?func=mrc__shareInit937&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1671087326401751 HTTP/1.1
Host: connect.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 06:55:29 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Length: 101
Connection: keep-alive
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
mc.yandex.ru/webvisor/59396?wv-check=16306&wv-type=0&wmode=0&wv-part=1&wv-hit=1070255890&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=1038512158&browser-info=et%3A1671087332%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221215065532%3Au%3A1671087324299671850%3Avf%3Ajaghkvs77dh9tvchj66zn%3Ast%3A1671087332&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/59396?wv-check=16306&wv-type=0&wmode=0&wv-part=1&wv-hit=1070255890&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=1038512158&browser-info=et%3A1671087332%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221215065532%3Au%3A1671087324299671850%3Avf%3Ajaghkvs77dh9tvchj66zn%3Ast%3A1671087332&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/59396?wv-check=16306&wv-type=0&wmode=0&wv-part=1&wv-hit=1070255890&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=1038512158&browser-info=et%3A1671087332%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221215065532%3Au%3A1671087324299671850%3Avf%3Ajaghkvs77dh9tvchj66zn%3Ast%3A1671087332&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 524
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 15 Dec 2022 06:55:34 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:34 GMT
last-modified: Thu, 15-Dec-2022 06:55:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/59396?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=1070255890&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=796420926&browser-info=et%3A1671087332%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221215065532%3Au%3A1671087324299671850%3Avf%3Ajaghkvs77dh9tvchj66zn%3Ast%3A1671087332&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/59396?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=1070255890&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=796420926&browser-info=et%3A1671087332%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221215065532%3Au%3A1671087324299671850%3Avf%3Ajaghkvs77dh9tvchj66zn%3Ast%3A1671087332&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/59396?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=1070255890&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=796420926&browser-info=et%3A1671087332%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221215065532%3Au%3A1671087324299671850%3Avf%3Ajaghkvs77dh9tvchj66zn%3Ast%3A1671087332&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 15 Dec 2022 06:55:34 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:34 GMT
last-modified: Thu, 15-Dec-2022 06:55:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsjl31tvi5xjf8ir%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A362566869128%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A1034130202%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsjl31tvi5xjf8ir%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A362566869128%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A1034130202%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/23414332?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsjl31tvi5xjf8ir%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A362566869128%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A1034130202%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsjl31tvi5xjf8ir%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A362566869128%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065525%3Aet%3A1671087326%3Ac%3A1%3Arn%3A1034130202%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C1071%2C13%2C%2C%2C%2C1247%3Aco%3A0%3Aeu%3A1%3Ans%3A1671087323153%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087326%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29ti%282%29
date: Thu, 15 Dec 2022 06:55:28 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
set-cookie: yabs-sid=1803133991671087328; Path=/; SameSite=None; Secure
i=Tq1m+YZrYLpTTZTaWgppvbAPUHJ4825stmgDJglDOn2TYrfhl6NUa7W9WbE/sOOtBCpeJ99TPCSUXI1GKcis81cgmTs=; Expires=Sun, 12-Dec-2032 06:55:24 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6816519711671087328; Expires=Fri, 15-Dec-2023 06:55:28 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6816519711671087328; Expires=Fri, 15-Dec-2023 06:55:28 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702623328.yc.1671087328#1702623328.yrts.1671087328#1702623328.yrtsi.1671087328; Expires=Fri, 15-Dec-2023 06:55:28 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:28 GMT
last-modified: Thu, 15-Dec-2022 06:55:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326398628
217.20.147.3200 OK 0 B URL HTTP/2 connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326398628
IP 217.20.147.3:0
GET /dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1671087326398628 HTTP/1.1
Host: connect.ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Thu, 15 Dec 2022 06:55:29 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=5853393796450166655; Domain=.ok.ru; Expires=Tue, 02-Jan-2091 10:09:36 GMT; Path=/; Secure; HttpOnly
_statid=89e7f19e-e60c-47b0-97d1-4a5e3788923a; Domain=.ok.ru; Expires=Tue, 02-Jan-2091 10:09:36 GMT; Path=/; Secure; HttpOnly
landref=w.uptolike.com; Domain=.ok.ru; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/59396?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Ajaghkvs77dh9tvchj66zn%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1371753214434%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065524%3Aet%3A1671087324%3Ac%3A1%3Arn%3A613216779%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1671087323153%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087324%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/59396?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Ajaghkvs77dh9tvchj66zn%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1371753214434%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065524%3Aet%3A1671087324%3Ac%3A1%3Arn%3A613216779%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1671087323153%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087324%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/59396?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Ajaghkvs77dh9tvchj66zn%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1371753214434%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065524%3Aet%3A1671087324%3Ac%3A1%3Arn%3A613216779%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1671087323153%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087324%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/59396/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Avf%3Ajaghkvs77dh9tvchj66zn%3Afp%3A778%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1371753214434%3Ahid%3A1070255890%3Az%3A0%3Ai%3A20221215065524%3Aet%3A1671087324%3Ac%3A1%3Arn%3A613216779%3Arqn%3A1%3Au%3A1671087324299671850%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A35%2C29%2C84%2C2%2C-36%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1671087323153%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671087324%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 15 Dec 2022 06:55:27 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
set-cookie: yabs-sid=161274151671087327; Path=/; SameSite=None; Secure
i=4+4U82jd8N9JlVTAV0pehq8PAA0HIxVhTEavyLcJcYXYlnWJ7a42pniGZvPU4KI2Vnc8nzZUOibv8/QaC6bogqr1dcg=; Expires=Sun, 12-Dec-2032 06:55:26 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1892531491671087327; Expires=Fri, 15-Dec-2023 06:55:27 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1892531491671087327; Expires=Fri, 15-Dec-2023 06:55:27 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702623327.yc.1671087327#1702623327.yrts.1671087327#1702623327.yrtsi.1671087327; Expires=Fri, 15-Dec-2023 06:55:27 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Dec-2022 06:55:27 GMT
last-modified: Thu, 15-Dec-2022 06:55:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2